chore(deps): bump the go group across 1 directory with 11 updates #158

dependabot · 2024-06-23T23:13:11Z

Bumps the go group with 9 updates in the / directory:

Package	From	To
code.gitea.io/sdk/gitea	`0.15.1`	`0.18.0`
github.com/containers/image/v5	`5.29.2`	`5.31.1`
github.com/fluxcd/go-git-providers	`0.15.0`	`0.20.1`
github.com/fluxcd/pkg/apis/event	`0.5.2`	`0.9.0`
github.com/fluxcd/pkg/apis/meta	`1.1.2`	`1.5.0`
github.com/fluxcd/pkg/runtime	`0.35.0`	`0.47.1`
github.com/fluxcd/source-controller/api	`1.1.0`	`1.3.0`
github.com/go-logr/logr	`1.4.1`	`1.4.2`
github.com/open-component-model/ocm	`0.8.0`	`0.11.0`

Updates code.gitea.io/sdk/gitea from 0.15.1 to 0.18.0

Updates github.com/containers/image/v5 from 5.29.2 to 5.31.1

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.31.1

Fixes an interoperability issue while listing tags from JFrog Artifactory.

v5.31.0

What's Changed

Bump c/storage to v1.53.0, c/image to v5.30.0, and then to v5.30.1-dev by @TomSweeneyRedHat in containers/image#2327

fix(deps): update module github.com/sylabs/sif/v2 to v2.15.2 by @renovate in containers/image#2333

fix(deps): update module github.com/docker/cli to v25.0.4+incompatible by @renovate in containers/image#2334

Move to a tagged version of docker/docker by @mtrmac in containers/image#2336

fix(deps): update go-openapi packages to v0.23.0 by @renovate in containers/image#2337

Update to Go 1.20 by @mtrmac in containers/image#2340

chore(deps): update module github.com/go-jose/go-jose/v3 to v3.0.3 [security] by @renovate in containers/image#2338

chore(deps): update module gopkg.in/go-jose/go-jose.v2 to v2.6.3 [security] by @renovate in containers/image#2339

fix(deps): update module github.com/containers/ocicrypt to v1.1.10 by @renovate in containers/image#2341

chore(deps): update module google.golang.org/protobuf to v1.33.0 [security] by @renovate in containers/image#2344

Add support for Docker HealthConfig.StartInterval (v25.0.0+) by @migesok in containers/image#2345

Fix an unintentionally-added dependency on Go 1.21 by @mtrmac in containers/image#2343

fix(deps): update module github.com/docker/docker to v25.0.5+incompatible by @renovate in containers/image#2348

fix(deps): update module github.com/docker/cli to v25.0.5+incompatible by @renovate in containers/image#2347

[CI:DOCS] Update dependency golangci/golangci-lint to v1.57.0 by @renovate in containers/image#2349

[CI:DOCS] Update dependency golangci/golangci-lint to v1.57.1 by @renovate in containers/image#2351

chore: fix function names by @availhang in containers/image#2357

chore(deps): update dependency containers/automation_images to v20240320 by @renovate in containers/image#2354

fix(deps): update module github.com/distribution/reference to v0.6.0 by @renovate in containers/image#2358

[CI:DOCS] Update dependency golangci/golangci-lint to v1.57.2 by @renovate in containers/image#2359

fix(deps): update module github.com/sigstore/sigstore to v1.8.3 by @renovate in containers/image#2360

Filter BlobInfoCache candidates before prioritization, not in transports by @mtrmac in containers/image#2346

fix(deps): update module golang.org/x/oauth2 to v0.19.0 by @renovate in containers/image#2367

fix(deps): update golang.org/x/exp digest to c0f41cb by @renovate in containers/image#2361

Add a helper for formatting multiple errors by @mtrmac in containers/image#2365

fix(deps): update module github.com/ulikunitz/xz to v0.5.12 by @renovate in containers/image#2366

Drop some minimally-used dependencies by @mtrmac in containers/image#2364

Fix a http.response.Body leak on a permission error by @mtrmac in containers/image#2363

fix(deps): update module github.com/klauspost/compress to v1.17.8 by @renovate in containers/image#2372

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.7.3 by @renovate in containers/image#2373

use containers/storage/pkg/fileutils/(Exists,Lexists) by @giuseppe in containers/image#2375

Refactor blobCacheDestination.saveStream by @mtrmac in containers/image#2380

Update to Go1.21 by @mtrmac in containers/image#2377

Avoid a redundant function call by @mtrmac in containers/image#2379

CI VMs: bump to new versions with tmpfs /tmp by @edsantiago in containers/image#2384

Update module github.com/docker/docker to v26.0.2+incompatible [SECURITY] by @renovate in containers/image#2381

Update module github.com/docker/cli to v26.1.0+incompatible by @renovate in containers/image#2383

Update module github.com/docker/docker to v26.1.0+incompatible by @renovate in containers/image#2386

Fix GoDoc link at the top of the README file by @ananthb in containers/image#2387

Update module github.com/docker/cli to v26.1.1+incompatible by @renovate in containers/image#2388

Update module github.com/docker/docker to v26.1.1+incompatible by @renovate in containers/image#2389

Update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f by @renovate in containers/image#2392

[CI:DOCS] Update dependency golangci/golangci-lint to v1.58.0 by @renovate in containers/image#2393

Update module golang.org/x/oauth2 to v0.20.0 by @renovate in containers/image#2395

Update module golang.org/x/term to v0.20.0 by @renovate in containers/image#2396

... (truncated)

Commits

57695f8 [release-5.31] Bump to v5.31.1
edcf253 Don't abort listing tags when we encounter a digest
2281641 Merge pull request #2431 from TomSweeneyRedHat/dev/tsweeney/5.31.1-dev
9ac505f [release-5.31] Bump c/image to v5.31.1-dev
b5a7587 Bump c/image to v5.31.0
21ac79b Merge pull request #2428 from mtrmac/als-toc-fixes
45f4f23 Don't completely ignore already-computed image size if we see an ALS layer
27516f3 Don't modify a storage.Layer returned by c/storage
c2327e4 Don't unnecessarily trust the ALS FUSE server about the TOC digest
db02dee Merge pull request #2426 from containers/renovate/github.com-containers-stora...
Additional commits viewable in compare view

Updates github.com/fluxcd/go-git-providers from 0.15.0 to 0.20.1

Release notes

Sourced from github.com/fluxcd/go-git-providers's releases.

v0.20.1

CHANGELOG

PR #271 Update go-github to v61

v0.20.0

CHANGELOG

PR #270 Update dependencies to Go 1.22

PR #266 build(deps): bump the ci group with 2 updates

PR #265 Update Soule BA Affiliation

PR #263 Change Max's affiliation to Associmates

PR #262 Change Stefan Prodan's affiliation to ControlPlane

v0.19.3

CHANGELOG

PR #261 Adapt workflows

PR #260 build(deps): bump the ci group with 2 updates

PR #259 Updating dependencies and fix go-git CVE

PR #257 changing Soule info

PR #256 github: fix defer in for loop

v0.19.2

CHANGELOG

PR #254 Updating dependencies

PR #253 build(deps): bump the ci group with 1 update

v0.19.1

CHANGELOG

PR #252 build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0

v0.19.0

CHANGELOG

PR #250 Validate user ref when creating user repository

PR #249 updating go and dependencies versions

PR #248 build(deps): bump the ci group with 1 update

PR #247 build(deps): bump the ci group with 2 updates

PR #246 build(deps): bump the ci group with 1 update

PR #244 build(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3

PR #243 build(deps): bump the ci group with 1 update

PR #242 ci: Group dependabot updates

PR #241 build(deps): bump actions/checkout from 3.5.3 to 3.6.0

PR #240 build(deps): bump actions/setup-go from 4.0.1 to 4.1.0

PR #238 Pin GitLab version in e2e tests

PR #237 fix panic when gitea commit object contains nil pointers

v0.18.0

CHANGELOG

v0.17.0

CHANGELOG

PR #236 Declare Gitea client test e2e

... (truncated)

Commits

272285d Merge pull request #269 from fluxcd/retire-maintainers
949a5e2 Merge pull request #271 from fluxcd/update-go-github-61
5d5e8f0 update github.com/google/go-github to v61
9435c30 Merge pull request #270 from fluxcd/go-1.22
6a8bba0 Update dependencies to Go 1.22
3caf1c5 Retire Simon and Yiannis
f66acf2 Merge pull request #266 from fluxcd/dependabot/github_actions/ci-0c39cf4907
5ba0e70 build(deps): bump the ci group with 2 updates
df839c5 Merge pull request #265 from fluxcd/souleb-affiliation
6bd8d84 Update Soule BA Affiliation
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/event from 0.5.2 to 0.9.0

Commits

598e74e git: update dependencies
c28ef00 Merge pull request #463 from fluxcd/go-git-bc-tag
da9a7b7 go-git: transform revision for last observed tag
0009fda Merge pull request #404 from fluxcd/commit-string-fmt
db0daab git: make LastObservedCommit backwards compatible
3fb1b65 git: tidy code around digests
b097686 git: align tests and code with commit fmt change
24a228c git: change Commit#String format
da2a476 Merge pull request #462 from fluxcd/event-digest-key
7053ad7 apis/event: add MetaDigestKey
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.5.0

Commits

e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
2b974af Update sigs.k8s.io/controller-tools to v0.15.0
52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
c906252 Update dependencies to Kubernetes 1.30
92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
ccb916a build(deps): bump the ci group with 3 updates
6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
abf5675 kustomize: Add support for namePrefix and nameSuffix
98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
efcd824 build(deps): bump docker/setup-buildx-action in the ci group
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.35.0 to 0.47.1

Commits

adcfcbe Merge pull request #769 from fluxcd/controller-runtime-v0.18.1
0e74a82 Update runtime pkg docs
b329d92 Update dependencies to controller-runtime v0.18.1
d0bf8ed Merge pull request #768 from fluxcd/dependabot/github_actions/ci-b93eff89fb
14f05d7 build(deps): bump actions/checkout from 4.1.3 to 4.1.4 in the ci group
3790516 Merge pull request #767 from fluxcd/up-internal-deps
37ea30c Update internal dependencies
e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
2b974af Update sigs.k8s.io/controller-tools to v0.15.0
52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
Additional commits viewable in compare view

Updates github.com/fluxcd/source-controller/api from 1.1.0 to 1.3.0

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.3.0

Changelog

v1.3.0 changelog

Container images

docker.io/fluxcd/source-controller:v1.3.0

ghcr.io/fluxcd/source-controller:v1.3.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.5

Changelog

v1.2.5 changelog

Container images

docker.io/fluxcd/source-controller:v1.2.5

ghcr.io/fluxcd/source-controller:v1.2.5

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.4

Changelog

v1.2.4 changelog

Container images

docker.io/fluxcd/source-controller:v1.2.4

ghcr.io/fluxcd/source-controller:v1.2.4

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.3

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.3.0

Release date: 2024-05-03

This minor release promotes the Helm APIs to GA, and comes with new features, improvements and bug fixes.

HelmRepository

The HelmRepository API has been promoted from v1beta2 to v1 (GA). The v1 API is backwards compatible with v1beta2.

For HelmRepository of type oci, the .spec.insecure field allows connecting over HTTP to an insecure non-TLS container registry.

To upgrade from v1beta2, after deploying the new CRD and controller, set apiVersion: source.toolkit.fluxcd.io/v1 in the YAML files that contain HelmRepository definitions. Bumping the API version in manifests can be done gradually. It is advised not to delay this procedure as the beta versions will be removed after 6 months.

HelmChart

The HelmChart API have been promoted from v1beta2 to v1 (GA). The v1 API is backwards compatible with v1beta2, with the exception of the removal of the deprecated field .spec.valuesFile which was replaced with spec.valuesFiles.

The HelmChart API was extended with support for Notation signature verification of Helm OCI charts.

A new optional field .spec.ignoreMissingValuesFiles has been added, which allows the controller to ignore missing values files rather than failing to reconcile the HelmChart.

OCIRepository

The OCIRepository API was extended with support for Notation signature verification of OCI artifacts.

A new optional field .spec.ref.semverFilter has been added, which allows the controller to filter the tags based on regular expressions before applying the semver range. This allows picking the latest release candidate instead of the latest stable release.

In addition, the controller has been updated to Kubernetes v1.30.0, Helm v3.14.4, and various other dependencies to their latest version to patch upstream CVEs.

... (truncated)

Commits

a80a99b Merge pull request #1472 from fluxcd/release-v1.3.0
70901f8 Release v1.3.0
05ab8b1 Add changelog entry for v1.3.0
c9bf167 Merge pull request #1298 from fluxcd/phony-build
cc3d495 ci: Print controller logs after e2e run
0bd5b95 Rename make target build to manager
edccfe9 Merge pull request #1470 from fluxcd/dependabot/github_actions/ci-b23e0286c6
9ce2d61 build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 in the ci group
16eeeef Merge pull request #1469 from fluxcd/dependabot/go_modules/go-deps-4411c5bc33
8598b8d build(deps): bump google.golang.org/api
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.12.0

What's Changed

git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by @moranCohen26 in go-git/go-git#994

git: Signer: fix usage of crypto.Signer interface by @wlynch in go-git/go-git#1029

git: Remote, fetch, adds the prune option. by @juliens in go-git/go-git#366

git: Add crypto.Signer option to CommitOptions. by @wlynch in go-git/go-git#996

git: Worktree checkout tag hash id (#959) by @aymanbagabas in go-git/go-git#966

git: Worktree, Don't panic on empty or root path when checking if it is valid by @tim775 in go-git/go-git#1042

git: Add commit validation for Reset by @pjbgf in go-git/go-git#1048

git: worktree_commit, Fix amend commit to apply changes. Fixes #1024 by @onee-only in go-git/go-git#1045

git: Implement Merge function with initial FastForwardMerge support by @pjbgf in go-git/go-git#1044

plumbing: object, Make first commit visible on logs filtered with filename. Fixes #191 by @onee-only in go-git/go-git#1036

plumbing: no panic in printStats function. Fixes #177 by @nodivbyzero in go-git/go-git#971

plumbing: object, Optimize logging with file. by @onee-only in go-git/go-git#1046

plumbing: object, check legitimacy in (*Tree).Encode by @niukuo in go-git/go-git#967

plumbing: format/gitattributes, close file in ReadAttributesFile by @prskr in go-git/go-git#1018

plumbing: check setAuth error. Fixes #185 by @nodivbyzero in go-git/go-git#969

plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by @Jerry-yz in go-git/go-git#987

utils: merkletrie, calculate filesystem node's hash lazily. by @candid82 in go-git/go-git#825

utils: update comment in node.go's Hash() by @codablock in go-git/go-git#992

_example: fix 404 link and added ssh-agent clone link by @grinish21 in go-git/go-git#1022

_example: checkout-branch example by @dlambda in go-git/go-git#446

_example: example for git clone using ssh-agent by @pjbgf in go-git/go-git#998

New Contributors

@candid82 made their first contribution in go-git/go-git#825

@codablock made their first contribution in go-git/go-git#992

@Jerry-yz made their first contribution in go-git/go-git#987

@wlynch made their first contribution in go-git/go-git#996

@moranCohen26 made their first contribution in go-git/go-git#994

@grinish21 made their first contribution in go-git/go-git#1022

@prskr made their first contribution in go-git/go-git#1018

@dlambda made their first contribution in go-git/go-git#446

@juliens made their first contribution in go-git/go-git#366

@onee-only made their first contribution in go-git/go-git#1036

@tim775 made their first contribution in go-git/go-git#1042

@niukuo made their first contribution in go-git/go-git#967

@avoidalone made their first contribution in go-git/go-git#1047

Full Changelog: go-git/go-git@v5.11.0...v5.12.0

Commits

302ddde Merge pull request #1060 from go-git/dependabot/go_modules/github.com/gliderl...
6bba34d build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7
feaeb36 Merge pull request #937 from matejrisek/feature/rename-short-fields
7959a42 Merge pull request #1052 from go-git/dependabot/go_modules/github.com/skeema/...
4c17ce7 build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2
3f77e6f Merge pull request #1048 from pjbgf/fix-reset-validation
6af38e0 Merge pull request #1047 from avoidalone/master
e6c3e58 Merge pull request #1044 from pjbgf/ff-merge
04f7b23 *: fix some comments
f4f1a87 Merge pull request #971 from nodivbyzero/fix-177-diff-print-file-stats
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in go-logr/logr#279

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in go-logr/logr#280

build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in go-logr/logr#281

build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by @dependabot in go-logr/logr#282

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by @dependabot in go-logr/logr#283

build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in go-logr/logr#284

build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in go-logr/logr#285

build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in go-logr/logr#286

build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in go-logr/logr#288

build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 by @dependabot in go-logr/logr#289

build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in go-logr/logr#293

build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in go-logr/logr#292

build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in go-logr/logr#291

build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in go-logr/logr#290

build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in go-logr/logr#294

build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in go-logr/logr#295

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits

1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
Additional commits viewable in compare view

Updates github.com/open-component-model/ocm from 0.8.0 to 0.11.0

Release notes

Sourced from github.com/open-component-model/ocm's releases.

v0.11.0

Changelog

72f033b0 (redo)Only re-encode subst value if it smells like json and target doc is yaml (#796)

0c499cf2 Bump anchore/sbom-action from 0.15.11 to 0.16.0 in the ci group (#777)

165edcc4 Bump github.com/cloudflare/cfssl from 0.0.0-20180223231731-4e2dcbde5004 to 1.6.5 (#787)

89b6e960 Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in the go group (#786)

87aa3425 Bump goreleaser/goreleaser-action from 5 to 6 in the ci group (#802)

b835e96c Bump the go group with 11 updates (#778)

9b01bcaa Bump the go group with 14 updates (#805)

de169445 Bump the go group with 15 updates (#770)

ee356cdb Flake.nix (#795)

509ba891 Follow Up To Maven Access (#781)

93412ff3 Maven/access2 (#731)

c02802f7 Release v0.11.0

d1ab90dd ReleaseNotes for v0.11.0

01f0e6f0 Revert "Bump goreleaser/goreleaser-action from 5 to 6 in the ci group… (#806)

70f15885 Update version file to 0.11.0-dev

93c6bad8 Vault tests (#749)

2f023223 add workflow for updateVendorHash of flake (#789)

5d36b1eb early CD validation for AddVersion (#779)

84b92318 extract optionutils + fix new usages of moved packages (#775)

e76ec98c finally at least be able to sign commits (#800)

4f6c9eb3 fix maven issues (#790)

6fa92aae fix maven uploader and rename mavenArtifact to mavenPackage (#799)

075c42ee fix pss signing server signing (#774)

a8a27810 fix update-vendor-hash (#791)

1ba6e562 fix updateVendorHash (#793)

55c022cd fix: make sure that format of replacement matches file format (#773)

ab463b22 fix: only have yaml out put on stdout if dryrun is enabled (#780)

c29184fe fix: use sync.OnceFunc instead of the struct package local value (#772)

d16f64ba goutils refactoring (#803)

7f814d56 let's create PRs instead of direct commits (#792)

edaf5ea8 remove SPDX Header (#776)

862458c1 sonatype nexus - quirks modes (#782)

49a79ea7 update github.com/mandelsoft/logging

16f55524 update release notes (#807)

ba23b9fd utility function to get module name (#783)

7a913dc5 various fixes/improvements for tests and paths to prepare migration (#788)

v0.10.0

Release v0.10.0

externalize general go utilities in packages pkg{errors,exceptions,generics,finalizer} (#761)

Bump the go group with 12 updates (#768)

feat: add silent flag and fix dry run with prerequisites (#767)

let's get rid of reuse PendingDeprecationWarning (#765)

fix: stop ignoring most of the errors (#745)

feat: add uninstall command to the controller (#766)

Create codeql.yml (#764)

Npm/auth access (#757)

... (truncated)

Commits

c02802f Release v0.11.0
16f5552 update release notes (#807)
01f0e6f Revert "Bump goreleaser/goreleaser-action from 5 to 6 in the ci group… (#806)
d16f64b goutils refactoring (#803)
9b01bca Bump the go group with 14 updates (#805)
d1ab90d ReleaseNotes for v0.11.0
87aa342 Bump goreleaser/goreleaser-action from 5 to 6 in the ci group (#802)
e76ec98 finally at least be able to sign commits (#800)
6fa92aa fix maven uploader and rename mavenArtifact to mavenPackage (#799)
72f033b (redo)Only re-encode subst value if it smells like json and target doc is yam...
Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.16.0 to 0.20.0

Commits

84cb9f7 oauth2: fix typ...
Description has been truncated

Bumps the go group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | code.gitea.io/sdk/gitea | `0.15.1` | `0.18.0` | | [github.com/containers/image/v5](https://github.com/containers/image) | `5.29.2` | `5.31.1` | | [github.com/fluxcd/go-git-providers](https://github.com/fluxcd/go-git-providers) | `0.15.0` | `0.20.1` | | [github.com/fluxcd/pkg/apis/event](https://github.com/fluxcd/pkg) | `0.5.2` | `0.9.0` | | [github.com/fluxcd/pkg/apis/meta](https://github.com/fluxcd/pkg) | `1.1.2` | `1.5.0` | | [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.35.0` | `0.47.1` | | [github.com/fluxcd/source-controller/api](https://github.com/fluxcd/source-controller) | `1.1.0` | `1.3.0` | | [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.4.1` | `1.4.2` | | [github.com/open-component-model/ocm](https://github.com/open-component-model/ocm) | `0.8.0` | `0.11.0` | Updates `code.gitea.io/sdk/gitea` from 0.15.1 to 0.18.0 Updates `github.com/containers/image/v5` from 5.29.2 to 5.31.1 - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.29.2...v5.31.1) Updates `github.com/fluxcd/go-git-providers` from 0.15.0 to 0.20.1 - [Release notes](https://github.com/fluxcd/go-git-providers/releases) - [Changelog](https://github.com/fluxcd/go-git-providers/blob/main/.goreleaser.yml) - [Commits](fluxcd/go-git-providers@v0.15.0...v0.20.1) Updates `github.com/fluxcd/pkg/apis/event` from 0.5.2 to 0.9.0 - [Commits](fluxcd/pkg@kustomize/v0.5.2...git/v0.9.0) Updates `github.com/fluxcd/pkg/apis/meta` from 1.1.2 to 1.5.0 - [Commits](fluxcd/pkg@apis/meta/v1.1.2...apis/meta/v1.5.0) Updates `github.com/fluxcd/pkg/runtime` from 0.35.0 to 0.47.1 - [Commits](fluxcd/pkg@oci/v0.35.0...runtime/v0.47.1) Updates `github.com/fluxcd/source-controller/api` from 1.1.0 to 1.3.0 - [Release notes](https://github.com/fluxcd/source-controller/releases) - [Changelog](https://github.com/fluxcd/source-controller/blob/main/CHANGELOG.md) - [Commits](fluxcd/source-controller@v1.1.0...v1.3.0) Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/open-component-model/ocm` from 0.8.0 to 0.11.0 - [Release notes](https://github.com/open-component-model/ocm/releases) - [Changelog](https://github.com/open-component-model/ocm/blob/main/.goreleaser.yaml) - [Commits](open-component-model/ocm@v0.8.0...v0.11.0) Updates `golang.org/x/oauth2` from 0.16.0 to 0.20.0 - [Commits](golang/oauth2@v0.16.0...v0.20.0) --- updated-dependencies: - dependency-name: code.gitea.io/sdk/gitea dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/go-git-providers dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/apis/event dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/apis/meta dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/pkg/runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/fluxcd/source-controller/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/open-component-model/ocm dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2024-06-23T23:14:41Z

Mend Scan Summary: ❌

Repository: open-component-model/git-controller

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	3
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	1
LICENSE RISK HIGH	8
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

dependabot · 2024-11-29T11:27:08Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added kind/dependency dependency update, etc. go labels Jun 23, 2024

dependabot bot mentioned this pull request Jun 23, 2024

chore(deps): bump the go group across 1 directory with 11 updates #157

Closed

Merge branch 'main' into dependabot/go_modules/go-dec8d08285

4c72253

hilmarf requested a review from a team as a code owner November 29, 2024 11:25

settings bot removed the go label Nov 29, 2024

dependabot bot closed this Nov 29, 2024

dependabot bot deleted the dependabot/go_modules/go-dec8d08285 branch November 29, 2024 11:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the go group across 1 directory with 11 updates #158

chore(deps): bump the go group across 1 directory with 11 updates #158

dependabot bot commented on behalf of github Jun 23, 2024 •

edited

Loading

github-actions bot commented Jun 23, 2024 •

edited

Loading

dependabot bot commented on behalf of github Nov 29, 2024

chore(deps): bump the go group across 1 directory with 11 updates #158

chore(deps): bump the go group across 1 directory with 11 updates #158

Conversation

dependabot bot commented on behalf of github Jun 23, 2024 • edited Loading

v5.31.1

v5.31.0

What's Changed

v0.20.1

v0.20.0

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v1.3.0

Changelog

Container images

v1.2.5

Changelog

Container images

v1.2.4

Changelog

Container images

v1.2.3

Changelog

1.3.0

HelmRepository

HelmChart

OCIRepository

v5.12.0

What's Changed

New Contributors

v1.4.2

What's Changed

Dependencies:

v0.11.0

Changelog

v0.10.0

github-actions bot commented Jun 23, 2024 • edited Loading

Mend Scan Summary: ❌

Repository: open-component-model/git-controller

dependabot bot commented on behalf of github Nov 29, 2024

dependabot bot commented on behalf of github Jun 23, 2024 •

edited

Loading

github-actions bot commented Jun 23, 2024 •

edited

Loading